package com.scau.shiro;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.scau.dao.IAdminDao;
import com.scau.dao.impl.AdminDaoImpl;
import com.scau.service.IAdminService;
import com.scau.service.impl.AdminServiceImpl;
import com.scau.vo.Admin;

/**
 * @author Jinglun
 * @create 2017年5月19日
 */
public class UserRealm extends AuthorizingRealm{
	
	private IAdminDao adminDao;
	
	// 授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//从principals获取主身份信息
	    //将getPrimaryPrincipal()返回的值强制转换为真实身份信息【在下边的doGetAuthenticationInfo()认证通过填充到SimpleAuthenticationInfo中的身份信息】
	    String userCode = (String) principals.getPrimaryPrincipal();
	    System.out.println("realm授权方法的userCode:" + userCode);
	   
	    if (userCode.equals("admin")){
	    	System.out.println("进入admin授权");
	    	//根据身份信息获取权限信息，从数据库获取
	   	 
		    //这里先模拟从数据库获取数据
		    List<String> permissions = new ArrayList<String>();
		    permissions.add("supadmin:*"); //超级管理员，可进行所有操作，包括查看报表
		    permissions.add("user:add"); //用户的添加
		    
		    //查到权限数据，返回信息
		    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		    //将List里面的权限填充进去
		    simpleAuthorizationInfo.addStringPermissions(permissions);

		    return simpleAuthorizationInfo;
	    } else if (userCode.equals("小小")) {
	    	System.out.println("进入小小授权");
	    	List<String> permissions = new ArrayList<String>();
		    //permissions.add("supadmin:*"); //超级管理员，可进行所有操作，包括查看报表
		    //permissions.add("user:add"); //用户的添加
		    
		    //查到权限数据，返回信息
		    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		    //将List里面的权限填充进去
		    simpleAuthorizationInfo.addStringPermissions(permissions);

		    return simpleAuthorizationInfo;
	    } else 
	    	return null;
   
	}

	// 认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		
		String userCode = (String) token.getPrincipal();
		System.out.println("userCode:"+userCode);

		//查出是否有此用户  
        List<Admin> foundAdmin = adminDao.findByName(userCode);
        System.out.println("realm里查出的admin:" + foundAdmin);
        
        Admin admin = foundAdmin.get(0);
        System.out.println("list转成admin:" + admin);
        
        if(admin != null){
            //若存在，将此用户存放到登录认证info中  
            return new SimpleAuthenticationInfo(admin.getName(), admin.getPassword(), getName());
        }
        return null;
	}

	public IAdminDao getAdminDao() {
		return adminDao;
	}

	public void setAdminDao(IAdminDao adminDao) {
		this.adminDao = adminDao;
	}

}
